From machine learning to biometrics and blockchains, marketing technology companies aim to improve how they verify consumer identities.

That’s because a real identity is definitive, can be used to tell if someone pays bills on time and can be linked across many data layers that define what kind of customer a person is and what interests him/her.

But digital identities are not held in some virtual Fort Knox, and they are more vulnerable these days than ever. In fact, digital identity is facing a variety of crises — as well as testing out potential fixes.

One encroaching crisis goes by the initials GDPR.

It stands for General Data Protection Regulation (GDPR), the European Union’s new standards for consumers’ rights over their personal data, and it will go into effect next year. It sets up a variety of ways in which customers must grant permission for brands to use their data, and how brands must manage it.

The regulation pertains to customers from EU countries when they are in those countries — and when they are in non-EU countries. This means that major brands — and many smaller ones — will technically have at least part of their marketing data and management under GDPR guidelines.

If the enforcement is more than token, Forrester analyst Joe Stanhope thinks that management of digital identities “might bifurcate” into those that adhere to GDPR and those that do not. (Stanhope is speaking on the “Identity Resolution Imperative” at our MarTech Conference next week.)

Ironically, even as data protections of US consumers are weakening, US brands may have to decide whether they should adhere to GDPR standards.

One possible solution, Stanhope suggested, might be brands taking the initiative, showing they can be trusted with GDPR-quality identity management and encouraging customers to sign up in order to get additional benefits. GDPR could become a competitive advantage.

Buying your identity for

In emerging markets, identity research firm One World Identity’s CEO Travis Jarae told me, there is definitely an identity crisis because many of those residents don’t have birth certificates or other sources of outside, verifiable identity. He noted that Trulioo is attempting to provide some verification in those markets by bringing together more than 200 credit data sources worldwide, including credit cards, bank accounts and others.

Another reason for the crisis, which seems to get worse every day, is that it’s gotten so cheap to wear someone else’s identity.

He also pointed out that millennials “are moving away from credit card behavior” and frequently using digital currency or cash. He said the US Consumer Finance Protection Bureau reports about 50 million adults in the US, many of them millennials, have no credit cards.

That means no credit history, which has been essential to securing loans, and no standard trackable purchase history.

Madhu pointed to an increasingly popular approach to onboarding newly identified customers. It goes beyond credit history, and beyond the simple data fields that consumers often supply but which can be purchased — like the height on a driver’s license or a mother’s maiden name.

It is a way of looking at the unique configuration of data and behavior that defines individuals, employing machine learning and other forms of artificial intelligence to cross-check the credentials they offer, the behavior they exhibit and the patterns of their unique selves in online data.

It might discover, he said, that someone’s offered email address doesn’t correspond to their mobile phone number, based on data that ties the two together. Or that a consumer’s social profiles indicate she saw the musical “Rent” three times in three different cities, and this corresponds to her purchase history. One World Identity’s Jarae told me that 41 attributes are enough to provide a definitive profile whose pattern is verified by machine learning.

Biometrics and blockchains

But friends and family don’t need machine learning to recognize someone. They know what we look and sound like, and biometrics — long promised as an alternative identifier — is emulating a person’s friends as it now moves into the mainstream.

Citigroup, for instance, is just one of the financial institutions using voiceprint authentication. The recently released Samsung S8 smartphone now features two biometric sensors, an iris scanner and a fingerprint scanner, besting the iPhone’s fingerprint sensor.

Passive biometrics is also emerging, like machine learning that recognizes the patterns or speed of someone’s typing.

Madhu noted that biometrics — active or passive — may soon take the place of one part of two-factor authentication, the process of verifying registered users.

Frequently these days, a user logs on via username and password, and then a text string is texted to the user’s phone. But, he said, text strings “can be spooked,” so a fingerprint or iris scan — or even an app that senses the pattern of a person’s walking gait — might be used as the second factor.

And several emerging technologies could tilt the balance toward more accurate identification, and away from fraud.

Madhu noted that blockchains, for instance, could become permanent and immediately available “distributed ledgers” for verified identities, so that — potentially — a person only needs to be verified once.

Dallas-based Ortus Labs recently announced a software-based solution that can identify people in video shots from any video camera. A startup called Jumio has unveiled a face-, photo- and ID-recognition verification software that works through a mobile device to verify customers of a car-sharing service.

Like almost all protected digital data, digital identity can be faked, stolen or insufficiently verified. But such techniques as online patterns, shared databases and real-world signatures are now suiting up to help people prove who they really are.

About The Author

Barry Levine covers marketing technology for Third Door Media. Previously, he covered this space as a Senior Writer for VentureBeat, and he has written about these and other tech subjects for such publications as CMSWire and NewsFactor. He founded and led the web site/unit at PBS station Thirteen/WNET; worked as an online Senior Producer/writer for Viacom; created a successful interactive game, PLAY IT BY EAR: The First CD Game; founded and led an independent film showcase, CENTER SCREEN, based at Harvard and M.I.T.; and served over five years as a consultant to the M.I.T. Media Lab. You can find him at LinkedIn, and on Twitter at xBarryLevine.